VRRP, is this excesive or normal?
-
VRRP and CARP on the same broadcast domain is not a good combination I think.
-
ahhh, that is not good then. What can i do about that?
-
Maybe try moving your vhids of the carp machines to something much higher. In case VRRP and CARP use the same vhids they might try talking to each other but don't understand each other ;)
-
Please place a block rule at the end of your ruleset and then see what is going up…
-
in the logfile… i think many cisco broadcasts
-
wow this might be why, I have 3 pairs of pfsense firewalls, all have VIP's and I use vhid 1, 3, and 5 on all 3, so that is probably causing problems? I guess that makes sense, just makes me feel dumb for overseeing that.
-
VHIDS should only be shared for the same ip address across cluster members.
In addition, if you have upstream VRRP traffic you should ensure you are not using the same "vhid" id#.
-
I changed all VHIDs on all boxes, all different and all higher numbers now. Looks like I am running smooth, but what has me worried/confused is I have a constant 800k-1mbit of traffic all the time even when nothing is going through pfsense? Shows up in RRD and Traffic graphs. Any ideas?
-
Time to sniff to see what's going on ::)
-
Do a tcpdump and run through wiresharks expert analyzer.